Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Your company has an Azure subscription named Sub1 that is associated to an Azure Active Directory (Azure AD) tenant named contoso.com.

The company develops an application named App1. App1 is registered in Azure AD.

You need to ensure that App1 can access secrets in Azure Key Vault on behalf of the application users.

What should you configure?

A.

an application permission without admin consent

B.

a delegated permission without admin consent

C.

a delegated permission that requires admin consent

D.

an application permission that requires admin consent

You need to delegate a user to implement the planned change for Defender for Cloud.

The solution must follow the principle of least privilege.

Which user should you choose?

A.

Admin1

B.

Admin2

C.

Admin3

D.

Admin4

You implement the planned changes for the key vaults.

To which key vaults can you restore AKV1 backups?

A.

AKV4only

B.

AKV3 and AKV4 only

C.

AKV4 and AKV5 only

D.

AKV2, AKV3, and AKV4 only

E.

AKV2, AKV3, AKV4, and AKV5

You need to implement the planned change for SQLdb1.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A.

Create a compliance policy.

B.

Configure Microsoft Entra authentication for SQLServer1.

C.

Create a Conditional Access policy.

D.

Configure a user-assigned managed identity for SQLdb1.

E.

Configure Federated client identity for SQLdb1.

You need to ensure that users can access VM0. The solution must meet the platform protection requirements.

What should you do?

A.

Move VM0 to Subnet1.

B.

On Firewall, configure a network traffic filtering rule.

C.

Assign RT1 to AzureFirewallSubnet.

D.

On Firewall, configure a DNAT rule.

You need to recommend an encryption solution for the planned ExpressRoute implementation. The solution must meet the technical requirements.

Which ExpressRoute circuit should you recommend for each type of encryption? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to configure WebApp1 to meet the data and application requirements.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

A.

Upload a public certificate.

B.

Turn on the HTTPS Only protocol setting.

C.

Set the Minimum TLS Version protocol setting to 1.2.

D.

Change the pricing tier of the App Service plan.

E.

Turn on the Incoming client certificates protocol setting.

You need to configure the AKS1 and ID1 managed identities to meet the technical requirements. The solution must follow the principle of least privilege.

Which role should you assign to each identity? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to implement the planned change for WAF1.

The solution must minimize administrative effort

What should you do?

A.

Create an Azure policy.

B.

Modify the Azure-managed DRS.

C.

Add a custom rule.

D.

Modify the Bot Manager 1.1 rule set.

You need to implement the planned change for VM1 to access storage1.

The solution must meet the technical requirements.

What should you do first?

A.

Configure a system-assigned managed identity on VM1.

B.

Configure federated identity credentials for ID1.

C.

Assign the Storage Blob Data Reader role to storage 1.

D.

Assign ID1 to VM1.

E.

Add a role assignment condition to storage1.